CVE-2025-51529 Information
Aug 20, 2025
cve
Description
Incorrect Access Control in the AJAX endpoint functionality in jonkastonka Cookies and Content Security Policy plugin through version 2.29 allows remote attackers to cause a denial of service (database server resource exhaustion) via unlimited database write operations to the wp_ajax_nopriv_cacsp_insert_consent_data endpoint.
Reference
http://cookies.com http://johan.com https://gist.github.com/piotrmaciejbednarski/f738145c0ab24a110649dc16907e395b https://github.com/piotrmaciejbednarski/CVE-2025-51529
Related CNNVD
CNNVD-202508-2106 (Published: 2025-08-19)
Share on: